$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1030/r7WQGMREEfI4Fmg6PQ3ktSkAtpc.roa File: r7WQGMREEfI4Fmg6PQ3ktSkAtpc.roa (raw, json) Hash identifier: HFIG7iXNBsXb+vT7M7qx9nPx1zt4/JVmwPHUeyaqDfU= Subject key identifier: AF:B5:90:18:C4:44:11:F2:38:16:68:3A:3D:0D:E4:B5:29:00:B6:97 Certificate issuer: /CN=7AB6E2F4C45731D03C27AEAFDD608611871B423C Certificate serial: 0CA9 Authority key identifier: 7A:B6:E2:F4:C4:57:31:D0:3C:27:AE:AF:DD:60:86:11:87:1B:42:3C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/erbi9MRXMdA8J66v3WCGEYcbQjw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1030/r7WQGMREEfI4Fmg6PQ3ktSkAtpc.roa Signing time: Wed 13 Mar 2024 01:23:31 +0000 ROA not before: Wed 13 Mar 2024 01:23:31 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 131530 IP address blocks: 103.43.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1030/erbi9MRXMdA8J66v3WCGEYcbQjw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1030/erbi9MRXMdA8J66v3WCGEYcbQjw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/erbi9MRXMdA8J66v3WCGEYcbQjw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Sep 2024 18:52:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3241 (0xca9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7AB6E2F4C45731D03C27AEAFDD608611871B423C Validity Not Before: Mar 13 01:23:31 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=AFB59018C44411F23816683A3D0DE4B52900B697 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a8:fc:85:9e:02:f2:c3:51:b2:fb:9b:fd:aa: 63:8d:94:88:e9:30:a1:2e:90:78:4a:ff:45:48:4b: c0:42:fd:37:c7:02:a0:68:1b:f7:f0:29:81:b0:ce: 5a:1f:d7:d7:37:8f:ee:58:99:76:f9:b9:53:4a:e3: 47:90:e2:5f:07:ae:94:47:d2:ed:f0:53:32:b0:2b: a5:21:71:79:b0:89:99:5d:ad:07:a9:d4:89:5e:c6: 9e:ba:91:c3:a0:7f:14:7d:7d:23:ff:42:ac:d8:16: bf:58:f5:54:90:e8:f8:81:21:0e:f0:be:3f:e9:38: 02:31:82:44:32:05:37:90:64:ea:9d:42:81:5d:4b: e7:05:c6:89:64:3c:96:af:18:42:f7:bd:6a:9b:40: 03:9d:b0:01:50:09:e2:75:1f:54:0f:bb:fd:bc:6c: ad:ef:15:88:8c:6f:85:da:70:63:71:da:03:0a:46: 64:0a:22:4a:38:85:85:0f:4c:13:40:99:9b:ab:37: 49:22:b4:59:64:30:6e:7d:1d:e3:00:f3:cf:14:cc: a8:1a:b9:07:35:ed:6c:bf:25:b6:fa:70:db:d9:e3: 06:74:7b:b9:60:ea:e4:b3:36:c2:66:db:05:64:00: fc:2a:01:91:ba:43:eb:48:bd:d7:67:b4:86:a2:22: 55:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:B5:90:18:C4:44:11:F2:38:16:68:3A:3D:0D:E4:B5:29:00:B6:97 X509v3 Authority Key Identifier: keyid:7A:B6:E2:F4:C4:57:31:D0:3C:27:AE:AF:DD:60:86:11:87:1B:42:3C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1030/erbi9MRXMdA8J66v3WCGEYcbQjw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/erbi9MRXMdA8J66v3WCGEYcbQjw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1030/r7WQGMREEfI4Fmg6PQ3ktSkAtpc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.43.192.0/22 Signature Algorithm: sha256WithRSAEncryption 38:b1:63:ec:d7:5d:75:ef:0a:56:e9:9c:c7:fe:e2:e8:61:da: 7c:d0:50:1f:24:37:9b:42:90:1d:0f:14:97:6b:c5:3b:af:a1: 94:63:20:81:f1:2a:45:a4:20:af:ee:ad:d7:b0:53:e4:0b:b2: 10:96:1f:eb:b8:8d:70:0b:28:d3:1a:00:17:ed:2b:6f:a8:ea: f0:2f:95:5f:e3:98:3f:49:98:97:57:34:49:cb:4d:5f:ed:41: 8e:91:e9:29:a6:76:83:22:71:f6:90:cf:5b:a2:d2:4c:aa:89: b6:26:86:34:51:a5:2f:b3:fd:d4:f2:57:56:2e:64:4f:b5:1a: 9a:f3:8f:5e:af:f4:64:22:32:f6:f5:b0:e7:3e:3d:23:8a:94: 5a:4e:a2:f9:68:bb:65:d4:b9:3d:ad:8a:e6:1e:7d:0e:bc:41: 71:51:dc:f0:f3:fd:20:33:f9:91:00:6a:99:83:27:d1:b9:30: fb:36:3c:a6:5e:53:bb:95:50:a4:75:b3:ed:83:a2:39:7f:b2: 11:98:08:06:30:94:61:a3:83:69:34:f2:33:52:12:d1:fa:07: df:d8:7e:74:a5:58:e8:b9:fd:d5:0d:dd:e7:3f:36:67:10:66: 2d:b2:07:63:31:7c:7e:e8:64:56:18:04:0d:95:f3:d1:62:f4: a6:6b:83:e6 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0FC NkUyRjRDNDU3MzFEMDNDMjdBRUFGREQ2MDg2MTE4NzFCNDIzQzAeFw0yNDAzMTMw MTIzMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFGQjU5MDE4QzQ0NDEx RjIzODE2NjgzQTNEMERFNEI1MjkwMEI2OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFqPyFngLyw1Gy+5v9qmONlIjpMKEukHhK/0VIS8BC/TfHAqBo G/fwKYGwzlof19c3j+5YmXb5uVNK40eQ4l8HrpRH0u3wUzKwK6UhcXmwiZldrQep 1Ilexp66kcOgfxR9fSP/QqzYFr9Y9VSQ6PiBIQ7wvj/pOAIxgkQyBTeQZOqdQoFd S+cFxolkPJavGEL3vWqbQAOdsAFQCeJ1H1QPu/28bK3vFYiMb4XacGNx2gMKRmQK Iko4hYUPTBNAmZurN0kitFlkMG59HeMA888UzKgauQc17Wy/Jbb6cNvZ4wZ0e7lg 6uSzNsJm2wVkAPwqAZG6Q+tIvddntIaiIlV7AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUr7WQGMREEfI4Fmg6PQ3ktSkAtpcwHwYDVR0jBBgwFoAUerbi9MRXMdA8J66v 3WCGEYcbQjwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAz MC9lcmJpOU1SWE1kQThKNjZ2M1dDR0VZY2JRancuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2VyYmk5TVJYTWRBOEo2NnYzV0NHRVljYlFqdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEwMzAvcjdXUUdNUkVFZkk0 Rm1nNlBRM2t0U2tBdHBjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmcrwDANBgkqhkiG9w0BAQsFAAOCAQEAOLFj7Nddde8KVumcx/7i6GHafNBQ HyQ3m0KQHQ8Ul2vFO6+hlGMggfEqRaQgr+6t17BT5AuyEJYf67iNcAso0xoAF+0r b6jq8C+VX+OYP0mYl1c0SctNX+1BjpHpKaZ2gyJx9pDPW6LSTKqJtiaGNFGlL7P9 1PJXVi5kT7UamvOPXq/0ZCIy9vWw5z49I4qUWk6i+Wi7ZdS5Pa2K5h59DrxBcVHc 8PP9IDP5kQBqmYMn0bkw+zY8pl5Tu5VQpHWz7YOiOX+yEZgIBjCUYaODaTTyM1IS 0foH39h+dKVY6Ln91Q3d5z82ZxBmLbIHYzF8fuhkVhgEDZXz0WL0pmuD5g== -----END CERTIFICATE-----Generated at Sat Sep 28 14:35:02 2024 by rpki-client on console-ams.rpki-client.org